
Virus or Something Please help.

Posted: September 28th, 2005, 4:41 am
by CrYpTiC
Well, somehow I got some viruses or something, and it started installing something so I quickly exited it. I tried finding ewido but couldn't find a download. I remember it being free last time I got it. I now have the Kaspersky trial on here, because I just reformatted and I'm not able to locate a download for ewido that works. I found one but it wouldn't work because the update wasn't updating. So I ran Kaspersky, deleted like 50 infected objects or so, ran HijackThis and deleted everything I saw that shouldn't have been there... Is there anything you see in my HijackThis log that I should delete?

Logfile of HijackThis v1.99.1
Scan saved at 12:39:11 AM, on 9/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wpabaln.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Paul\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

My main problem would be that every time I google something it tries bringing up some random page each time I click on a link that is like pricegrabber, http://www.bizrate.com/, then after like 4-5 times of clicking the Google link over and over it finally goes to the correct page. Anyone know a fix to this or what it is?

Thanks in advance,
-- Paul

Posted: September 28th, 2005, 4:51 am
by richh0323
Your log looks great, you should get SP2 and make sure that you have your firewall on. If that doesn't help let me know.

Posted: September 28th, 2005, 5:04 am
by CrYpTiC
I would try putting SP2 on... except that last time I had SP2 it screwed my internet up and rendered it unusable. My ISP is Comcast and they said they don't have a fix for it yet.
-- Paul

Posted: September 28th, 2005, 5:24 am
by CrYpTiC
Also something to do with the viruses is messing with my connection because I am lagging in games and other applications that use the internet now... This kinda sucks :-( lol
-- Paul

Ok well

Posted: September 28th, 2005, 6:26 am
by CrYpTiC
Well, I used spybot seek and destroy... and it took them out beautifully... they were browser hijackers... I recommend this program if anyone has the same virus/things as me.
-- Paul

Posted: September 28th, 2005, 12:29 pm
by richh0323
Good to hear you found the spyware, make sure you turn on your firewall too.